CVE-2021-3185 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Arbitrary code execution
Description	A flaw was found in the gstreamer h264 component of gst-plugins-bad before version 1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, leading to memory corruption and possibly code execution.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1484	gst-plugins-bad	1.18.0-2	1.18.0+54+gbd3532008-1	Medium	Fixed

References
https://www.openwall.com/lists/oss-security/2021/01/20/1 https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1703 https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/bd3532008f2a12377c2d5b56e93cbfa53e1979cf

References

https://www.openwall.com/lists/oss-security/2021/01/20/1
https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1703
https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/commit/bd3532008f2a12377c2d5b56e93cbfa53e1979cf